A big challenge involved in writing a newspaper column is that what is written one day can be immediately overtaken by events before the next edition of Atención is printed. That is what just happened here, calling for a minor update to the advice dispensed only last week.
Earlier I had urged everyone to point their browser to “haveibeenpwned.com” (no www) to see if their email address(es) appear on any of the black market lists of stolen personal data used by cybercrooks. If your email address appears on one of these lists, it behooves you to take action. There is nothing you can do about changing your sex, and it is really inconvenient to change your email address or physical address; but you can and should change your passwords. This is especially true if you are lazy about your password, meaning that you have a favorite one you use over and over again. If the haveibeenpawned.com site says your email address appears on any of the lists of hacked accounts, then you need to change that password immediately.
Some days ago, we learned that Facebook had been hacked again, resulting in personal data of over 500 million Facebook users being posted publicly in a well-known hacker forum on the dark web. The trove of data includes full names, sex, Facebook IDs, phone numbers, name of employer, physical locations, email addresses, dates of birth, relationship statuses, and other biographical information. This is exactly the kind of information cyber crooks can and do use.
Heretofore it was only possible to search for “pwned” email addresses. But when Facebook lost hundreds of millions of users’ phone numbers, all meticulously and consistently formatted, Troy Hunt, CEO and founder of Have I Been Pwned, was able to add a new feature—the ability to learn if your phone number is on the Facebook list now in the hands of cybercrooks.
So, what all you readers need to do is visit the website “haveibeenpwned.com” again, as I hope you did last week. This time check to see if your phone numbers are included in the most recent Facebook hack. Open the haveibeenpwned.com web site and enter your phone number, using the “E.164” standard—enter the country code followed by area code, then your local number. Thus, a Mexican number is “52,” (the country code for Mexico), followed by a 3-digit area code for the city and a 7-digit local number. A U.S. number is country code “1” followed by 10 digits.
Facebook has already said there is little it can do to help users affected by the latest breach since their data is already out in the open. So if your phone is on the list, please remain vigilant about phishing schemes or fraud using your data.
Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981, and now practically a full-time resident. He may be contacted at 415 101 8528 or email FAQ8@SMAguru.com.